Installing HP Agents on ESX with PowerCLI and Putty/Plink
Anyone who needs to build multiple ESX(i) hosts naturally looks to scripting to automate the process. Scripting allows for faster deployment once you have developed the script but equally important reduces human error. It’s far to easy to mistype a port group name, vlan number or IP address. Scripting removes this element of humen error and allows you to build ESX(i) hosts preditably and quickly.
Unfortunately there are just some things that PowerCLI cannot natively automate such as installing HP agents on ESX as this requires console / SSH access to the ESX host and running the install “locally”.
Hopefully hardware vendors will see the benefits of integration with VMware Update Manager and allow hardware monitoring agents to be installed and updated with Update Manager but until then we have to make another plan.
It is always painful to have developed a fantastic PowerCLI script to automate your build and at the end still have to manually SSH into your ESX host to install a hardware agent.
One problem with using Putty to make a SSH session to an ESX host is it requires you to accept the server host key which cannot be automatically accepted. Quest have written a custom Putty version to do this but I don’t like breaking the security model that Putty enforces so would prefer to work with the security rather than against it.
Plink.exe is Putty’s command-line connection tool and requires you to send a password to the command to authenticate which we will need to
I’m going to place the files required for the HP agent installation on a datastore and then get PowerCLI to check whether the server host key is cached in the registry and if not launch Putty for you to accept the key and then continue automatically using Plink with the now cached key.
Download the latest HP agents from their website. I’m going to use the 8.6.0 version which can be downloaded from:
http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?lang=en&cc=us&prodTypeId=3709945&prodSeriesId=3884113&prodNameId=3884114&swEnvOID=4091&swLang=8&mode=2&taskId=135&swItem=MTX-3ff4d69bbb6b485287cadb326b
I have a dedicated datastore that stores all ISO’s, Templates, Patches etc.
Upload the hpmgmt-8.6.0-vmware4x.tgz file to a datastore. I created a folder called hp_agent
Putty into your ESX host.
Change directory to the hp_agent folder and extract the agent files.
cd /vmfs/volumes/iso tar -zxvf hpmgmt-8.6.0-vmware4x.tgz
The HP agent install files will be extracted to hpmgmt/860
Change directory to where the HP Agent files have been extracted hpmgmt/860
cd hpmgmt/860/
The file hpmgmt.conf.example is an example file which the scripted install will use to configure the agents.
Rename the file to hpmgmt.conf and amend it if you have any particular changes required for your environment.
mv hpmgmt.conf.example hpmgmt.conf
If you were to now do a silent install of the HP Agents you would use the following command:
./install860vibs.sh --silent --inputfile hpmgmt.conf
We want to be a little cleverer so need to configure some more things.
The file /etc/snmp/snmpd.conf contains the configuration necessary for the SNMP environment and the HP Agent install adds to it. This file is normally also configured with your SNMP trap information.
What would be good is to create a generic snmpd.conf file that can be copied over the existing one so you don’t have to edit it manually.
Create a new snmpd.conf file in /vmfs/volumes/iso/hp_agent
nano /vmfs/volumes/iso/hp_agent/snmpd.conf
and enter the configuration you require for your SNMP traps.
Example:
syscontact VM Team rwcommunity vmcommunity trapcommunity vmcommunity dontLogTCPWrappersConnects 1 trapsink snmpserver1.local trapsink snmpserver2.local # VMware MIB modules dlmod SNMPESX /usr/lib/vmware/snmp/libSNMPESX.so # Following entries were added by HP Insight Management Agents dlmod cmaX /usr/lib64/libcmaX64.so
There is also an additional issue with SNMP and ESX that may create excessive logging for your hosts as described in this VMware KB.
The fix is to amend the /etc/sysconfig/snmpd.options file
Create a new snmpd.options file in /vmfs/volumes/iso/hp_agent
nano /vmfs/volumes/iso/hp_agent/snmpd.options
Enter the amended configuration details into the file:
# snmpd command line options OPTIONS="-Lsd -Lf /dev/null -p /var/run/snmpd.pid"
We now want to create a script file that can silently install the HP agents, copy over the two files and restart the snmpd service.
What would also be clever is to create the script in such a way that it can be used for different HP agent versions without modification. You may require different HP agent versions for different ESX versions and can also future proof your script for the next HP agent version.
The script file will take an argument (parameter) which the script will use to install the correct HP Agent version.
Create a new hp_agent_install.sh file in /vmfs/volumes/iso/hp_agent
nano /vmfs/volumes/iso/hp_agent/hp_agent_install.sh
and add the following lines:
if [ $# -lt 1 ] then echo "Script cannot run, requires argument:" echo "1:HP Agent Version" echo "Example: /vmfs/volumes/iso/hp_agent/hp_agent_install.sh 860" else cd /vmfs/volumes/iso/hp_agent/hpmgmt/$1 ./install$1vibs.sh --silent --inputfile hpmgmt.conf /bin/cp ../../snmpd.conf /etc/snmp/snmpd.conf /bin/cp ../../snmpd.options /etc/sysconfig/snmpd.options service snmpd restart fi
Notes:
Line 1: Checks whether less than 1 parameter has been passed to the script
Line 7: Changes directory to the subfolder version number which is the $1 passed argument
Line 8: Launches the silent install again named with the S1 argument version number
Once you have created the script file you need to change the permissions to make it executable
chmod +x hp_agent_install.sh
Your hp_agent folder will now look like this:
If you were to now run this script for HP Agent version 860 you would use the following command:
/vmfs/volumes/iso/hp_agent/hp_agent_install.sh 860
Now we have set up our script on our ESX environment we need to run this from PowerCLI.
This script is most likely going to form part of your scripted build so will be part of a bigger script which will configure networking, storage etc.
What we need PowerCLI to do is the following:
- Get the ESX Host you wish to configure
- Get the ESX host credentials
- Connect to the ESX Host with the supplied credentials
- Get the Console IP address
- Convert the supplied credential password to clear text for use by Plink.
- Use PLink to test whether the server host key is already cached in the registry
- If not, launch Putty and prompt you to accept the server host key
- When done, test whether PLink can now connect automatically
- If it can, use Plink to install the HP Agents with the script created earlier.
- If not, tell you the command you need to run manually
- Disconnect from the ESX Host
- Clear the clear text password
Write-Host "Enter ESX Host FQDN" -ForegroundColor Magenta $vmhost = "" $vmhost = read-host If ($vmhost -eq "") {Write-Host "No ESX Host Supplied, Exiting" -ForegroundColor Red Exit} Write-Host "Enter ESX host credentials to authenticate" -ForegroundColor Magenta $ESXCred = $host.ui.PromptForCredential("ESX(i) credentials", "Please enter the ESX(i) host user name and password.", "", "") $ESXConnect=Connect-VIServer -Server $vmhost -Credential $ESXCred $ESXHost=Get-VMHost If ($ESXHost -eq "") {Write-Host "Can not connect to ESX Host Supplied, Exiting" -ForegroundColor Red Exit} Write-Host "Getting Host Networking Information" -ForegroundColor Cyan Write-Host "" $HostNetworkInfo = $ESXHost | Get-VMHostNetwork $ConsoleNic = ($HostNetworkInfo.ConsoleNic | Select IP).IP #Get actual ESX hostname $vmhost = $HostNetworkInfo.HostName Write-Host "Connected to ESX host:- " $ESXHost.Manufacturer " " $ESXHost.Model ": " $vmhost "." $HostNetworkInfo.DomainName -Separator "" -ForegroundColor Green Write-Host "" Write-Host "Setting up Putty Connections" -ForegroundColor Cyan # Converting ESX Credential Password to clear text for use by Putty/Plink $Ptr = [System.Runtime.InteropServices.Marshal]::SecureStringToBSTR($ESXCred.Password) $ESXClearPwd = [System.Runtime.InteropServices.Marshal]::PtrToStringBSTR($Ptr) [System.Runtime.InteropServices.Marshal]::ZeroFreeBSTR($ptr) $PlinkLaunch = ("filesharefilelocationputtyplink.exe") + " -v -batch -pw $ESXClearPwd root@" + $ConsoleNic + " " Write-Host "Testing Automatic Putty Connections" -ForegroundColor Cyan $PuttyAvailable = $False $Message = "" $RCommand = "vmware -l" $Message = Invoke-Expression -command ($PlinkLaunch + $RCommand) If ($Message -notmatch "ESX") { Write-Host "Putty host server key is not cached in the registry." -ForegroundColor Cyan Write-Host "Putty will launch, accept the server host key if prompted, you do not need to log in" -ForegroundColor Magenta & ("filesharefilelocationputtyputty.exe") $ConsoleNic Sleep 5 Write-Host "Once accepted, Enter Y to proceed" -ForegroundColor Magenta $a = read-host $Message = "" $RCommand = "vmware -l" $Message = Invoke-Expression -command ($PlinkLaunch + $RCommand) If ($Message -match "ESX") {$PuttyAvailable = $True} Else {Write-Host "Cannot login to host with Putty automatically" -ForegroundColor Red} } Else {$PuttyAvailable = $True} # HP Agent Install Command $RCommand = "/vmfs/volumes/iso/hp_agent/hp_agent_install.sh 860" If ($PuttyAvailable) { Write-Host "Installing HP Agents" -ForegroundColor Cyan $Message = Invoke-Expression -command ($PlinkLaunch + $RCommand) } Else { Write-Host "-----------------------------------------" -ForegroundColor Cyan Write-Host "HP Management Agents need to be manually installed" -ForegroundColor Red Write-Host "HP Management Agent installation command:" -ForegroundColor Magenta Write-Host $RCommand } Remove-Variable -Name $ESXClearPwd Remove-Variable -Name $PlinkLaunch Disconnect-VIServer -Confirm:$False
Notes:
Line 7: Create a custom dialogue box to ask for credentials which looks neater
Line 8: Pass the credentials to the Connect-VIServer command
Line 16: Get the IP address of the Service Console to be used by PLink
Line 26-27: Uses .Net code to convert the stored Credentials from line 7 into clear text.
Line 30: Creates the PLink command line with arguments and username and clear text password
Line 35: Uses the ESX console command vmware -l to get the ESX Version number
Line 36: Invokes the PLink command with vmware -l and stores the result in $Message
Line 37: If $Message does not contain the text “ESX”, it means PLink has not successfuly connected and returned the result of vmware -l
Line 41: Launch Putty which will prompt to add the host key into the registry
Line 47:Invokes the PLink command again with vmware -l to see if it can now connect
Line 48: Sets $PuttyAvailable to True if PLink connects successfully
Line 54:Build command to store HP Agents
Line 58: If Plink can connect automatically, launch PLink with the HP Agent install command
Line 60: If not, display the text so a manual installation can be done.
Line 67-68: Clear the variables holding the clear text pasword
This is gold! Thanks! 🙂
Great post! 🙂